libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions
24723 commits 4 branches 5 tags 483 MiB
Commit graph

12 commits

Author SHA1 Message Date
Alexander Schwartz
5b4a69a6e9 Limit the concurrency of password hashing to the number of CPU cores available 
Closes #28477

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-04-15 15:05:09 +02:00
Christopher Miles
1646315939 Deny list lower cases all passwords when loading from file 
Closes #28381

We always lower case the inbound password before comparing against the deny list
yet the deny list may contain passwords that contain upper case letters. With
this change we will now convert passwords from the deny list into lower case
while loading, ensuring that more passwords match the deny list.

Signed-off-by: Christopher Miles <twitch@nervestaple.com>
 2024-04-15 08:49:37 +02:00
Stian Thorgersen
c3a98ae387
Use Argon2 as default password hashing algorithm (#28162) 
Closes #28161

Signed-off-by: stianst <stianst@gmail.com>
 2024-03-22 13:04:14 +00:00
Stian Thorgersen
cae92cbe8c
Argon2 password hashing provider (#28031) 
Closes #28030

Signed-off-by: stianst <stianst@gmail.com>
 2024-03-22 07:08:09 +01:00
Alexander Schwartz
6de61f61f0 Adding missing explicit IDs for cross-references 
Closes #27316

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-02-28 08:37:52 +01:00
Marek Posolda
e2fb8406a3
Fixing the docs about default hashing iterations (#27020) 
closes #26816

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-02-15 08:11:44 +01:00
mposolda
7af753e166 Documentation for AIA 
closes #25569

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-02-12 09:42:34 +01:00
Thomas Darimont
d30d692335 Introduce MaxAuthAge Password policy (#12943) 
This policy allows to specify the maximum age of an authentication
with which a password may be changed without re-authentication.

Defaults to 300 seconds (default taken from Constants.KC_ACTION_MAX_AGE) to remain backwards compatible.
A value of 0 will always require reauthentication to update the password.
Add documentation for MaxAuthAgePasswordPolicy to server_admin

Fixes #12943

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2023-11-20 14:48:17 +01:00
David Bister
9420670f14 Update regex password policy to state the specific type of regex to be used. 
Closes #21652
 2023-07-14 16:32:37 +02:00
Pedro Hos
142bb30f66
Incorrect documentation around password policies (#19364) 
closes #19363


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2023-03-29 10:09:40 +02:00
Thomas Darimont
ad05557321 Revise password blacklist documentation 
Closes #19279

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Andy Munro <amunro@redhat.com>
 2023-03-28 08:01:39 +02:00
Alexander Schwartz
4dcb819c06 Moving docs to new folder 
CIAM-5056
 2023-03-20 09:07:58 +01:00
Renamed from server_admin/topics/authentication/password-policies.adoc (Browse further)